Watch out: MPlayer and VLC media player hit by critical vulnerability
Maintained by the company Live Networks, the library works with RTP / RTCP, RTSP or SIP protocols, with the ability to process video and …
Browsing: Vulnerability
Critical Code Execution Vulnerability Found in Libraries Used By VLC and Other Media Players
A critical code execution vulnerability identified in LIVE555 Streaming Media RTSP Server library used by VLC and other media players. The …
Fixing a CSRF Vulnerability
One way that your website might be vulnerable to an attack is via a Cross-Site Request Forgery (CSRF or XSRF). If you’ve ever been logged …
Buggy software in popular connected storage drives can let hackers read private data
Security researchers have found flaws in four popular connected storage drives that they say could let hackers access a user’s private …
Serious D-Link router security flaws may never be patched
Stop me if you’ve heard this one before. In May, Polish researcher Błażej Adamczyk of the Silesian University of Technology contacted …
Oracle Patches 301 Vulnerabilities in October Update
Oracle’s final Critical Patch Update (CPU) for 2018 is now available, patching 301 different vulnerabilities spread across Oracle’s product …
Apache Access Vulnerability Could Affect Thousands of Applications
Vulnerabilities in Apache functions have been at the root of significant breaches, including the one suffered by Equifax. Now new research …
Tumblr fixes ‘security bug’ that exposed user data
Tumblr, the microblogging platform owned by Oath Inc., has fixed a security flaw that exposed private user data via its “Recommend …
Tumblr Patches A Flaw That Could Have Exposed Users’ Account Info
Tumblr today published a report admitting the presence of a security vulnerability in its website that could have allowed hackers to steal …
Tumblr says it’s fixed a security bug, but says ‘no evidence’ any user data was exposed
Tumblr has disclosed a security vulnerability on its site that in some cases could have exposed account information. The bug was found in …
Researchers expose security vulnerabilities in terahertz data links
A new study shows that terahertz data links, which may play a role in ultra-high-speed wireless data networks of the future, aren’t as …
Medical device maker Medtronic finally fixes its hackable pacemaker
Medtronic, a maker of medical devices and implants, has pulled the plug on its internet-based software update system, which security …
DOM-based XSS Vulnerability Affected 685 Million Users of Tinder, Shopify, Western Union, and Imgur
DOM-based XSS also called as type-0 XSS, this vulnerability allows an attacker to craft a malicious URL and if the URL visited by another …
Facebook Now Revealed Hackers Stolen 29 Million Facebook Users Personal Data
Facebook now says hackers accessed 29 million Facebook users data by the recent data breach and stolen users personal details such as Email …
Experian credit-freeze PINs could be revealed by a simple trick
Last year was a rough time for consumers whose personal information was handled with, shall we say, less than due diligence by the credit …
PoC exploit for Windows Shell RCE released
Here’s one more reason to hurry with the implementation of the latest Microsoft patches: a PoC exploit for a remote code execution …
Major weapon systems developed by US DoD highly vulnerable to cyber attacks
The advanced weapon systems developed by the US Department of Defense with a whopping estimated expenditure of $1.66 trillion are plagued …
[webapps] Microsoft SQL Server Management Studio 17.9 – ‘.xmla’ XML External Entity Injection
# Exploit Title: Microsoft SQL Server Management Studio 17.9 – ‘.xmla’ XML External Entity Injection # …
FTSE 100 Vulnerability Warning: Over 70% Have Single DNS Provider
Over 70 percent of the FTSE 100’s constituent companies rely on a single DNS nameserver, or provider, potentially exposing them to …
Juniper fixes 30+ vulnerabilities in its routing, switching devices
Juniper Networks has issued fixes for over thirty vulnerabilities affecting its routing, switching and security products running Junos OS. …
Voxxed Days Microservices: Vulnerabilities in Microservices
Hi Julien, tell us who you are and what lead you into microservices. Hi, I’m a passionate developer coaching other devs …
Threat Actors Prey on Drupalgeddon Vulnerability to Mass-Compromise Websites and Underlying Servers
IBM Security’s Managed Security Services (MSS) team monitors the enterprise threat landscape on an ongoing basis, detecting and mapping …
Suspected NASA Hacker Busted After Boasting About Exploits
Memo to hackers: Boasting about your exploits on social media channels is a good way to get …
9 million Xiongmai cameras, DVRs wide open to attack
SEC Consult researchers have issued a warning about a handful of critical vulnerabilities they discovered in video surveillance equipment …
Microsoft Released Security Updates & Fixed 49 Vulnerabilities that Affected Microsoft Products
Microsoft released security update under patch Tuesday that affected many of its products along with certain critical Windows zero-day …
Apple fixes iOS 12 passcode bypass vulnerabilities
Apple has released security updates to address a number of vulnerabilities in iCloud for Windows and iOS, some of which can be exploited by …
The end of Google+: Low usage and an API bug that exposed user data
Google has announced that it will be closing down the consumer version of Google+, its failed answer to Facebook, and is introducing more …
California’s ban on weak default passwords isn’t going to fix IoT security
Plenty of articles have been written about the United States’s first IoT cybersecurity law due to come into force in California on …
Google Announced Google+ Shut down, Following Security Breach That Exposed 500,000 Users Accounts
Google announced Google+ shut down following the security breach that exposed 500,000 Google+ accounts. The bug allows third-party …
Consumer version of Google+ to be shut down following data exposure
Google LLC is shutting down the consumer version of its Facebook Inc. competitor Google+ after it was reported that the platform has been …